Shulou(Shulou.com)05/31 Report--

Today, I will talk to you about the example analysis that AirDoS attacks can make nearby iPhone or iPad devices unusable remotely. Many people may not know much about it. In order to make you understand better, the editor summarizes the following contents. I hope you can get something from this article.

What if you can disable all the iPhone or iPad devices in a room as soon as you walk into it? Doesn't that sound very evil? Is there any good way to stop people who keep their heads down and swipe their iPhones?

Recently, the author discovered a DoS problem in the iOS system and temporarily named it AirDoS (spaced DoS), which allows attackers to keep sending spam messages to nearby iOS devices using the AirDrop share pop-up window. This shared pop-up window blocks the user interface, so the device owner will not be able to perform any action on the device except to select the accept or reject button on the pop-up window, and the pop-up window will be repeated over and over again, even after the device is locked. will continue to happen.

The Bug is limited by the AirDrop receive setting, which means that if you set AirDrop to Everyone, then anyone around you may attack you, but if set to "Contacts Only only", only people in your address book can attack you. If someone launches this kind of attack nearby, then you won't be able to use iPhone or iPad devices, but I'm not sure how effective this attack will be on the plane.

In most cases, this kind of attacker is difficult to identify, except to avoid the attacker, you can turn off all three AirDrop/WiFi/Bluetooth. If you do not disable the control center, you can access the control center from the lock screen interface to close the AirDrop/WiFi/Bluetooth, of course, you can also let SIRI to perform the WiFi/Bluetooth shutdown. In addition, rebooting the device will allow a little time to shut down the AirDrop before the attack continues. To prevent this attack, open AirDrop only when you need it, and do not set its acceptance limit to "Everyone".

PoC

I posted the PoC script for the Bug on GitHub. in order to reduce the public safety impact, the PoC only supports devices where AirDrop is set to contact-only "Contacts Only". OpenDrop support was added to PoC, and inspired by OpenDrop, I tried to discover the problem.

OpenDrop is a command-line tool that allows you to share files directly between devices via Wi-Fi. It is unique in that it is compatible with Apple's AirDrop, and the AIrDrop feature allows users to share files with Apple devices running iOS and macOS. Currently, OpenDrop only supports sending to Apple devices that are discoverable by everyone, because the default contact-only mode requires certificates issued by Apple.

This is a simple Bug, which can be implemented by constructing a simple infinite loop command with opendrop:

While true; do opendrop send-r 0-f totally-random-file; done

MacOS

MacOS's AirDrop sharing is a little different from iOS and does not block the user interface. Although an attacker can always use the above Bug to send a large number of spam request messages to the victim, because the user interface cannot be congested, the victim user can choose to shut down AirDrop or WiFi/Bluetooth to prevent the attack. However, in macOS Catalina 10.15.2, this problem of repeatedly sending junk shared messages has been fixed.

After reading the above, do you have any further understanding of the example analysis in which AirDoS attacks can remotely render nearby iPhone or iPad devices unusable? If you want to know more knowledge or related content, please follow the industry information channel, thank you for your support.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.